* initial commit
* update logic to display flagged challenges properly to users and admins
* add report button to pages 'My Challenges' and 'Discover Challenges'
* allow mods to view flagged messages on challengeDetail view
* update showing flagged challenges for group challenges
* update showing flagged challenges for a specific challenge
* disallow closing a flagged challenge
* update notes to reflect apiParams properly
* fix css spacing
* update challenge en locales
* fix spacing
* update title of closeChallengeModal
* let user know flagged challenges cannot be cloned
* fix linting errors
* ensure flagged challenges cannot be declared with a winner and cloned via API
* define a non user challenge properly
* fix logic to check for a nonParticipant and nonLeader user when grabbing flagged challenges
* fix linting of max character of 100 / line
* remove reporting on 'my challenges' and 'discover challenges'
* WIP(challenges): disable clone button and add notes to new functions
* WIP(challenges): smol changes
* WIP(challenges): clone button only disabled for admin and flagged user; other users can still clone but the flag goes along with the clone
* WIP(challenges): stop flags carrying over on cloned challenges
* WIP(challenges): typo fixing, undoing a smol change
* fix(challenges): improved query logic for flags
* WIP(challenges): more smol changes
* fix(challenges): refactor queries
* fix(challenges): correct My Challenges tab logic
* WIP(challenges): fix clone button state
* WIP(challenges): really fixed clone button & clear flags from clones
* WIP(challenge): implement new design for reporting modal
* WIP(challenge): making things pretty
* WIP(challenge): conquering the close button
* WIP(challenge): fixin some spacing
* WIP(challenge): smol fix
* WIP(challenge): making sure the button is actually disabled
* WIP(challenge): fix blockquote css
* fix(tests): no private guilds
* fix(lint): curlies etc
* fix(test): moderator permission
* fix(lint): sure man whatever
* fix(lint): bad vim no tabby
* fix(test): permissions not contrib lol
* fix(challenges): add icon and fix leaky CSS
* fix(challenge): correct clone button behavior
---------
Co-authored-by: Julius Jung <me@matchajune.io>
Co-authored-by: SabreCat <sabe@habitica.com>
Co-authored-by: Sabe Jones <sabrecat@gmail.com>
* add max length validations for summary in challenge create and update controllers
* Add validation to group APIs
* fix lint errors
* add validation to group plan
* fix imports
* add tests
* add max length validations for summary in challenge create and update controllers
* Add validation to group APIs
* fix lint errors
* add validation to group plan
* fix imports
* add tests
* lint checks
* create Admin Panel page with initial content from Hall's admin section
* reorganise Admin Panel form and add more accordians
* add lastCron to fields returned by api.getHeroes
* improve timestamps and authentication section
* add party and quest info to Admin Panel, add party to heroAdminFields
* move Admin Panel menu item to top of menu, make invisible to non-admins
* remove code used for displaying all Heroes
* add avatar appearance and drops section in Admin Panel
* allow logged-in user to be the default hero loaded
* add time zones to timestamp/authentication section
* rename Items to Update Items
This will allow a new Items section to be added.
* add read-only Items display with button to copy data to Update Items section
* remove never-used allItemsPaths code that had been copied from Hall
* update tests for the attributes added to heroAdminFields
* supply names for items and also set information for gear/equipment
* remove code that loads subsections of content
We use enough of the content that it's easier to load it all and
access it through the content object, especially when we're looping
through different item types.
* add gear names and set details to Avatar Costume/Battle Gear section
* make the wiki URLs clickable and make minor item format improvements
* add gear sets for Check-In Incentives and animal ears and tails
* add gear set for Gold-Purchasable Quest Lines
Also merges the existing Mystery of the Masterclassers quest set into it.
* fix error with Kickstarter gear set and include wiki link
* improve description of check-in incentive gear set
* fix description of Items section
* fix lint warnings
* update another test for the attributes added to heroAdminFields
* allow "@" to be included when specifying Username to load
* create GetHeroParty API v3 route to fetch a given user's party data
Only some data from the party will be loaded (e.g., not private
data such as name, description).
Includes tests for the route.
See the next commit for front-end changes that use this.
* display data from a given user's party in admin panel
Only some data from the party will be loaded (e.g., not private
data such as name, description).
Also adds support for finding and displaying errors from the
user's data.
* use new error handling method for other sections
- Time zone differences
- Cron bugs
- Privilege removal (mute/block) - not a bug but needs to be highlighted
* redirect non-admin users away from admin-only page (WIP)
This needs more work. Currently, admin users are also redirected
if they access the page by direct URL or after reload.
* clarify source of items from Check-In Incentives and Lunar Battle quests
* replace non-standard form fields with HTML forms
* add user's language, remove unused export blocks
* convert functions to filters: formatDate, formatTimeZone
* improve display of minutes portion of time zone in Admin Panel
* move basic details about user to a new component
* move Timestamp/Cron/Auth/etc details to a new component - WIP, has errors
The automatic expand and error warnings don't reset themselves when
you fetch data for a new user.
* replace non-standard form fields with HTML forms
Most of this was done in 26fdcbbee5
* move Timestamp/Cron/Auth/etc details to a new component (fixed)
* move Avatar and Drops section to a new component
* move Party and Quest section to a new component
* move Contributor Details to new component, add checkbox for admin, add preview
This adds a markdown-enabled preview of the Contributions textarea.
It also removes the code that automatically set contributor.admin
to true when the Tier was above 7.
That feature wasn't secure because the Tier can be accidentally
changed if you scroll while the cursor is over the Tier form field
(we accidentally demoted a Socialite once by doing that and if
we'd scrolled in the other direction we would have given her
admin privileges).
Instead there's now a checkbox for giving moderator-level privileges.
We'll want that anyway when we move to a system of selected
privileges for each admin instead of all admin privileges being
given to all mods/staff.
There's also a commented-out checkbox for giving Bailey CMS
privileges, for when we're ready to use that. The User model doesn't
yet have support for it.
* move Privileges and Gems section to a new component
* rename formatItems to getItemDescription; make other minor fixes
* remove an outdated test description
This "pended" explanation probably wasn't needed after "x" was
removed from "describe" in 2ab76db27c
* add newsPoster Bailey CMS permission to User model and Admin Panel
* move formatDate from mixins to filters
* make lint fixes
* remove development comments from hall.js
I'll be handling the TODO comment and I've left in my "XXX" marker
to remind me
* fix bug in Hall's castItemVal: mounts are null not false
* move Items section to a new component and delete Update Items section
The Update Items section is no longer needed because the new Items
component has in-place editing.
* remove unused imports
* add "secret" field to "Privileges, Gem Balance" section.
Also move the markdownPreview style from contributorDetails.vue to
index.vue since it's used in two components now.
* show non-Standard never-owned Pets and Mounts in Items section
* redirect non-admin users away from admin-only page
This completes the work started in commit a4f9c754ad
It now allows admins to access the page when coming from another
page on the site or from a direct link, including if the admin user
isn't logged in yet.
* display memberCount for party
* add secret.text field to Contributor Details
This is in addition to showing it in the Privileges section because
the secret text could be about either troublesome behaviour or
contributions.
* allow user to be loaded into Admin Panel via a URL
This includes:
- router config has a child route for the admin panel with a
Username/ID as a parameter
- loadHero code moved from top-level index page into a new
"user support" index page
- links in the Hall changed to point to admin panel route
- admin panel link added to admin section of user profile modal
* keep list of known titles on their own lines
* sort heroFields alphabetically
No actual changes.
* return all flags for use in Admin Panel and fix Hall tests for flags
Future Admin Panel changes will display more flags.
NB 'flags' wasn't in the tests before, even though two optional
flags were being fetched.
The tests weren't failing because the test users hadn't been given
data for those optional flags.
The primary reason for this change now is to fix the tests.
* show part of the API Token in the Admin Panel
* send full hero object into cronAndAuth.vue
This is a prelude to allowing this component to change the hero.
* split heroAdminFields string into two: one for fetching data and one for showing it
This is because apiToken must be fetched but not shown,
while apiTokenObscured is calculated (not fetched) and shown.
* let admin change a user's API Token
* restore sanity
* remove code to show obscured version of API Token
It will return with tighter permissions for viewing it.
* add Custom Day Start time (CDS) to Timestamps, Time Zone... section
* commit lint's automatic fixes - one for admin-panel changes in hall.js
The other fixes aren't related to this PR but I figured they may
as well go live.
* apply fixes from paglias's comments, excluding style/CSS changesd
The comments that this PR fixes start at
https://github.com/HabitRPG/habitica/pull/12035#pullrequestreview-500422316
Style fixes will be in a future commit.
* fix styles/CSS
* allow profile modal to close when using admin panel link
Also removes an empty components block.
* prevent Admin Panel being used without new userSupport privilege
Also adds initial support for other contributor.priv privileges
and changes Debug Menu to add userSupport privilege
* don't do this: this.hero = { ...hero };
* enhance quest error messages
* redirect to admin-panel home page when using "Save and Clear Data"
The user's ID / name is still in the form for easy refetching.
* create ensurePriv function, use in api.getHeroParty
* fix lint problems and integration tests
* add page title to top-level Admin Panel
Also add more details to a router comment (consistent with a similar
comment) in case it helps anyone.
* fix tests
* display Moderation Notes above Contributions
* lint fix
* remove placeholder code for new privileges
I had planned to have each of these implemented in stages, but
paglias wanted it all done at once. I'm afraid that's too big a
project for me to take on in a single PR so I'm cancelling
the plans for adjusting the privileges.
* Improve permission handling
* Don't report timezone error on first day
* fix lint error
* .
* Fix lint error
* fix failing tests
* Fix more tests
* .
* ..
* ...
* fix(admin): always include permissions when querying user
also remove unnecessary failing test case
* permission improvements
* show transactions in admin panel
* fix lint errors
* fix permission check
* fix(panel): missing mixin, handle empty perms object
Co-authored-by: Alys <alice.harris@oldgods.net>
Co-authored-by: SabreCat <sabe@habitica.com>
* refactor(api-members): separate handler for the GET /challenges/:challengeId/members route
* refactor(api-members): challenges-related code removed from _getMembersForItem handler function
* feat(api-members): added support to the new includeTasks query parameter for the GET /challenges/:challengeId/members route
* fix(api-members): adjustments to the GET /challenges/:challengeId/members route
* fix(api-members): merge of _getMembersTasksFromChallenge and additional check for a test suite
* refactor(api-members): includeAllMembers query parameter got removed from the GET /challenges/:challengeId/members route
* GET-challenges_challengeId_members.test.js: use _id
* members.js: use _id instead of id
* use id instead of _id
* _id instead of id
Co-authored-by: Matteo Pagliazzi <matteopagliazzi@gmail.com>
* challenge won notification: add more info
* update tests
* use new notification on web, fixes#7716
* wip design
* finalize design
* fix markdown rendering
* Fix bug in challenge tags not converted to normal tags after challenge ended/deleted
* Added test cases to test bug fix
* Set tag.challenge from String to Boolean in tag model schema
* Update existing test with tag challenge set to boolean instead of string
* Added migration file for converting tag challenge field from string to bool
* Implement suggestions from ilnt
* Use mongoose instead of Mock in migration
* Change from update to bulkwrite
* update users individually
Co-authored-by: Matteo Pagliazzi <matteopagliazzi@gmail.com>
* when filtering by owned challenges, challenges that a user owns but has not joined will be included
* add tests for filtering challenges by owned
* fix lint
* Ensure official challenges are listed first
* Fix lint errors
* Move query creation into separate function
* switching branches
* Fixes and tests
* Formatting fixes
* Linting
* fix tests
- Adds the member's username to the challenge csv
- Updates to unit tests
- Issue #10955
Supports the ability for challenge owners to judge challenge winners
after the added functionality enabling users to modify their name
(display name). The added field ties the user to their results by
their username.
* rename hasAccess to canJoin for challenges
This is so the function won't be used accidentally for other
purposes, since hasAccess could be misinterpretted.
* add isLeader function for challenges
* allow challenge leader to join/modify/end challenge when they're not in the private group it's in
* delete duplicate test
* clarify title of existing tests
* add tests and adjust existing tests to reduce privileges of test users
* fix lint errors
* remove pointless isLeader check (it's checked in canJoin)
* Fix joinedChallenge achievement being awarded when creating a challenge
* Modify test to check that achievement is not awarded for creating a challenge
* fix(challenges): creator should not join challenge automatically
* change behavior on the client side as well
* update tests and fix membercount
* update tests
* fix tests
Some tests were disabled in ba799c67f9 and
10567d81e2, because they tend to
frequently time out after 8 seconds.
Instead of disabling the tests (which IMHO is bad, because tests are
there for a reason), we're now increasing the timeout to 30 seconds just
for these tests.
As requested by @paglias, I've marked the timeout functions with a @TODO
comment, so that the slow tests or the functionality they're testing are
eventually refactored.
I also needed to change the arrow notation for the test cases to use the
function keyword, because otherwise we don't have this.timeout()
available.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @paglias
* Fix challenges export CSV error by checking that users still belong to challenge
* Add test for challenge csv export fix
* Update fix for challenge export CSV bug
* Update tests for challenge export CSV to be more complete
* Refactor a test: change some 'let' variables to 'const'
* Added clone api
* Added new clone UI
* Fixed challenge clone
* Fixed lint and added mongo toObject
* Removed clone field, fixed type, fixed challenge task query
* Auto selected group
* Accounted for group balance when creating challenge
* Added check for if user is leader of guild
* Added leader existence check
* Added fix for leader and prizecost equal to
* update API comments to for `username` restrictions and to use Login Name terminology
We use "login name" rather than "username" in user-visible text
on the website and (usually) when communicating with users because
"username" could be confused with "profile name".
Using it in the docs allows you to search for that term.
* add alphanumeric and length validation for creating new login name (username)
The 'en-US' locale is specified explicitly to ensure we never use
another locale. The point of this change is to limit the character
set to prevent login names being used to send spam in the Welcome
emails, such as Chinese language spam we've had trouble with.
* add error messages for bad login names
* allow login name to also contain hyphens
This is because our automated tests generate user accounts using:
let username = generateUUID();
* allow login names to be up to 36 characters long because we use UUIDs as login names in our tests
* revert back to using max 20 characters and only a-z, 0-9 for login name.
It's been decided to change the username generation in the tests instead.
* disable test that is failing because it's redundant
Spaces are now prohibited by other code.
We can probably delete this test later. I don't want to delete it
now, but instead give us time to think about that.
* fix typos
* revert to login name restrictions that allow us to keep using our existing test code
I'm really not comfortable changing our test suite in ways that
aren't essential, especially since we're working in a hurry with
a larger chance than normal of breaking things.
The 36 character length is larger than we initially decided but
not so much larger that it's a huge problem.
We can reduce it to 20 when we have more time.
* limit username length to 20 chars
* fix tests
* test get party challenges by party ID
* tavern challenge tests; failing tests with ID 'party' or 'habitrpg'
* allow finding challenges by groupid 'party' or 'habitrpg'
* use single quotes in strings
* Added removing invites
* Addeed messages for empty gems to icon
* Added member for challenge members
* Fixed task cloning ending
* Fixed group task assignment
* Added small hack to prevent scrolling issues
* Fixed lint
